added references

4 years ago · 26b59a90d2
parent 02c661104c
commit 26b59a90d2
5 changed files with 56 additions and 17 deletions
--- a/medup-requirements/draft-symeonidis-medup-requirements.mkd
+++ b/medup-requirements/draft-symeonidis-medup-requirements.mkd
@ -155,7 +155,9 @@ https://autocrypt.org/background.html

 # Basic Functional Requirements

-This section outlines the functional requirements. We follow the requirements extracted from the literature on private emails and instant messaging~\cite{Unger,Ermoshina,Clark}
+This section outlines the functional requirements. We follow the
+requirements extracted from the literature on private emails and
+instant messaging {{Unger}}.

 * Message: send and receive message(s)
 * Multi-device support: synchronisation across multiple devices
@ -241,11 +243,10 @@ can be from local controlling one point of the communication channel
 such as an entity or a communication link of the network. It can also
 be a global adversary controlling several entities and communication
 links of the channel, gaining the capability of correlating traffic
-such as in timing attacks even for end-to-end communication
-systems<!-- ~\cite{torwebsite:timing-attacks} -->. Therefore,
-confidentiality of messages exchanged in the system should be
-guaranteed with the use of encryption schemes such as symmetric,
-asymmetric, or homomorphic encryption.
+such as in timing attacks even for end-to-end communication systems
+{{Tor}}. Therefore, confidentiality of messages exchanged in the
+system should be guaranteed with the use of encryption schemes such as
+symmetric, asymmetric, or homomorphic encryption.


 ### Tampering With Data and Data Authentication
@ -294,12 +295,11 @@ such as the message operators, the network node or third parties. To
 mitigate identifiability threats, the anonymity of users must be
 guaranteed. It is defined as the "Anonymity of a subject from an
 attacker’s perspective means that the attacker cannot sufficiently
-identify the subject within a set of subjects, the anonymity set"<!-- 
-~\cite{pfitzmann2010terminology} -->. Essentially, to enable
-anonymity, there is always need to be a set of possible subjects such
-that for an adversary the communicating user can be equally likely of
-any other user in the set<!-- ~\cite{DBLP:conf/pet/DiazSCP02}
-->. Thus, an adversary cannot deduce who is the originator of a
+identify the subject within a set of subjects, the anonymity set"
+{{Pfitzmann}}. Essentially, to enable anonymity, there is always need
+to be a set of possible subjects such that for an adversary the
+communicating user can be equally likely of any other user in the set
+{{Diaz}}. Thus, an adversary cannot deduce who is the originator of a
 message. Anonymity can be achieved with the use of pseudonyms and
 cryptographic schemes such as anonymous remailers (i.e., mixnets),
 anonymous communications channels (e.g., Tor), and secret sharing.
@ -328,10 +328,9 @@ parties. In contrast to anonymity and unlinkability, where the
 relationship from an IOI to a user is preserved, undetectability is
 defined as "Undetectability of an item of interest (IOI) from an
 attacker’s perspective means that the attacker cannot sufficiently
-distinguish whether it exists or not."<!--
-~\cite{pfitzmann2010terminology} -->. Undetectability of IOIs can be
-guaranteed with the use of cryptographic schemes such as Mix-nets and
-obfuscation mechanisms such as dummy traffic.
+distinguish whether it exists or not." {{Pfitzmann}}. Undetectability
+of IOIs can be guaranteed with the use of cryptographic schemes such
+as Mix-nets and obfuscation mechanisms such as dummy traffic.


 ## Information disclosure -- confidentiality
--- a/shared/references/diaz-measuring-anonymity.mkd
+++ b/shared/references/diaz-measuring-anonymity.mkd
@ -0,0 +1,19 @@
+  Diaz:
+#    target: 
+    title: Towards Measuring Anonymity
+    author:
+      -
+        name: Claudia Diaz
+        ins: C. Diaz
+      -
+        name: Stefaan Seys
+        ins: St. Seys
+      -
+        name: Joris Claessens 
+        ins: J. Claessens 
+      -
+        name: Bart Preneel
+        ins: B. Preneel
+    date: 2002
+    seriesinfo:
+      PET: Privacy Enhancing Technologies, Second International Workshop, San Francisco, CA, USA, April 14-15, 2002, Revised Papers, pp. 54-68
--- a/shared/references/pfitzmann-terminology-privacy.mkd
+++ b/shared/references/pfitzmann-terminology-privacy.mkd
@ -0,0 +1,13 @@
+  Pfitzmann:
+    target: https://nyuscholars.nyu.edu/en/publications/sok-secure-messaging
+    title:  "A terminology for talking about privacy by data minimization: Anonymity, unlinkability, undetectability, unobservability, pseudonymity, and identity management"
+    author:
+      -
+        name: Andreas Pfitzmann
+        ins: A. Pfitzmann
+      -
+        name: Marit Hansen
+        ins: M. Hansen
+    date: 2010
+    # seriesinfo:
+
--- a/shared/references/tor-timing-attacks.mkd
+++ b/shared/references/tor-timing-attacks.mkd
@ -0,0 +1,8 @@
+  Tor:
+    target: https://blog.torproject.org/one-cell-enough-break-tors-anonymity/
+    title:  "One cell is enough to break Tor's anonymity"
+    author:
+        name: Tor Project
+#        ins: 
+    date: Accessed 2019-06
+    # seriesinfo:
--- a/shared/references/unger-sok.mkd
+++ b/shared/references/unger-sok.mkd
@ -1,4 +1,4 @@
-  Unger.SoK:
+  Unger:
    target: https://nyuscholars.nyu.edu/en/publications/sok-secure-messaging
    title:  "SoK: Secure Messaging"
    author: